Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
authenticate vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2021-46250
An issue in SOA2Login::commented of ScratchOAuth2 before commit a91879bd58fa83b09283c0708a1864cdf067c64a allows malicious users to authenticate as other users on downstream components that rely on ScratchOAuth2.
Scratchoauth2 Project Scratchoauth2
10
CVSSv3
CVE-2021-1388
A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine could allow an unauthenticated, remote malicious user to bypass authentication on an affected device. The vulnerability is due to improper token validation o...
Cisco Application Policy Infrastructure Controller 3.0\\(3i\\)
Cisco Aci Multi-site Orchestrator
10
CVSSv3
CVE-2017-13995
An Improper Authentication issue exists in iniNet Solutions iniNet Webserver, all versions prior to V2.02.0100. The webserver does not properly authenticate users, which may allow a malicious malicious user to access sensitive information such as HMI pages or modify PLC variables...
Spidercontrol Ininet Webserver
10
CVSSv3
CVE-2017-7921
An Improper Authentication issue exists in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 buil...
Hikvision Ds-2cd2732f-i\\(s\\) Firmware -
Hikvision Ds-2cd2712f-i\\(s\\) Firmware -
Hikvision Ds-2cd2212-i5 Firmware -
Hikvision Ds-2cd2232-i5 Firmware -
Hikvision Ds-2cd4012f-\\(a\\) Firmware -
Hikvision Ds-2cd4012f-\\(p\\) Firmware -
Hikvision Ds-2cd4032fwd-\\(w\\) Firmware -
Hikvision Ds-2cd4112f-i\\(z\\) Firmware -
Hikvision Ds-2cd4112fwd-i\\(z\\) Firmware -
Hikvision Ds-2cd4212f-i\\(h\\) Firmware -
Hikvision Ds-2cd4212f-i\\(s\\) Firmware -
Hikvision Ds-2cd4312f-i\\(z\\) Firmware -
Hikvision Ds-2cd4312f-i\\(h\\) Firmware -
Hikvision Ds-2cd2412f-i\\(w\\) Firmware -
Hikvision Ds-2cd2432f-i\\(w\\) Firmware -
Hikvision Ds-2cd2112-i Firmware -
Hikvision Ds-2cd2032-i Firmware -
Hikvision Ds-2cd4012fwd-\\(p\\) Firmware -
Hikvision Ds-2cd4012fwd-\\(w\\) Firmware -
Hikvision Ds-2cd4032fwd-\\(a\\) Firmware -
Hikvision Ds-2cd4032fwd-\\(p\\) Firmware -
Hikvision Ds-2cd4132fwd-i\\(z\\) Firmware -
2 Metasploit modules
17 Github repositories
10
CVSSv3
CVE-2015-8747
The multifilesystem storage backend in Radicale prior to 1.1 allows remote malicious users to read or write to arbitrary files via a crafted component name.
Radicale Radicale
9.8
CVSSv3
CVE-2024-22212
Nextcloud Global Site Selector is a tool which allows you to run multiple small Nextcloud instances and redirect users to the right server. A problem in the password verification method allows an malicious user to authenticate as another user. It is recommended that the Nextcloud...
Nextcloud Global Site Selector
9.8
CVSSv3
CVE-2023-6875
The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a type juggling issue on the connect-app REST endpoint in all versions up to, ...
Wpexperts Post Smtp Mailer
2 Github repositories
9.8
CVSSv3
CVE-2023-48251
The vulnerability allows a remote malicious user to authenticate to the SSH service with root privileges through a hidden hard-coded account.
Bosch Nexo-os
9.8
CVSSv3
CVE-2023-48250
The vulnerability allows a remote malicious user to authenticate to the web application with high privileges through multiple hidden hard-coded accounts.
Bosch Nexo-os
9.8
CVSSv3
CVE-2023-46740
CubeFS is an open-source cloud-native file storage system. Prior to version 3.3.1, CubeFS used an insecure random string generator to generate user-specific, sensitive keys used to authenticate users in a CubeFS deployment. This could allow an malicious user to predict and/or gue...
Linuxfoundation Cubefs
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »